Safe Haskell | None |
---|---|
Language | Haskell2010 |
- type Threshold = Integer
- type ShareId = Integer
- data ExtraGen
- data Point
- data Proof
- data Scalar
- data Secret
- newtype PublicKey = PublicKey Point
- newtype PrivateKey = PrivateKey Scalar
- data KeyPair = KeyPair {}
- newtype DhSecret = DhSecret ByteString
- data Escrow = Escrow {
- escrowExtraGen :: !ExtraGen
- escrowPolynomial :: !Polynomial
- escrowSecret :: !Secret
- escrowProof :: !Proof
- data Commitment
- data EncryptedShare = EncryptedShare {
- shareID :: !ShareId
- shareEncryptedVal :: !Point
- shareValidProof :: !Proof
- data DecryptedShare = DecryptedShare {}
- escrow :: MonadRandom randomly => Threshold -> [PublicKey] -> randomly (ExtraGen, Secret, Proof, [Commitment], [EncryptedShare])
- escrowWith :: MonadRandom randomly => Escrow -> [PublicKey] -> randomly ([Commitment], [EncryptedShare])
- escrowNew :: MonadRandom randomly => Threshold -> randomly Escrow
- createCommitments :: Escrow -> [Commitment]
- sharesCreate :: MonadRandom randomly => Escrow -> [Commitment] -> [PublicKey] -> randomly [EncryptedShare]
- shareCreate :: MonadRandom randomly => Escrow -> [Commitment] -> ShareId -> PublicKey -> randomly EncryptedShare
- shareDecrypt :: MonadRandom randomly => KeyPair -> EncryptedShare -> randomly DecryptedShare
- verifyEncryptedShare :: ExtraGen -> [Commitment] -> (EncryptedShare, PublicKey) -> Bool
- verifyDecryptedShare :: (EncryptedShare, PublicKey, DecryptedShare) -> Bool
- verifySecret :: ExtraGen -> [Commitment] -> Secret -> Proof -> Bool
- getValidRecoveryShares :: Threshold -> [(EncryptedShare, PublicKey, DecryptedShare)] -> [DecryptedShare]
- recover :: [DecryptedShare] -> Secret
- secretToDhSecret :: Secret -> DhSecret
- keyPairGenerate :: MonadRandom randomly => randomly KeyPair
Simple alias
type Threshold = Integer Source #
The number of shares needed to reconstitute the secret
Threshold need to be a strictly positive, and less or equal to number of participants given N the number of participants, this should hold: 1 <= t <= N
Extra generator
The generated proof
Secret
Public Key
newtype PrivateKey Source #
Private Key
Types
Escrow | |
|
data Commitment Source #
data EncryptedShare Source #
An encrypted share associated to a party's key.
EncryptedShare | |
|
data DecryptedShare Source #
An decrypted share decrypted by a party's key and
DecryptedShare | |
|
method
:: MonadRandom randomly | |
=> Threshold | PVSS scheme configuration n/t threshold |
-> [PublicKey] | Participants public keys |
-> randomly (ExtraGen, Secret, Proof, [Commitment], [EncryptedShare]) |
Prepare a secret into public encrypted shares for distributions using the PVSS scheme
returns: * the encrypted secret which is locked symmetrically to the DH-secret (g^random) * the list of public commitments (Cj) to the scheme * The encrypted shares that should be distributed to each partipants.
:: MonadRandom randomly | |
=> Escrow | |
-> [PublicKey] | Participants public keys |
-> randomly ([Commitment], [EncryptedShare]) |
Escrow with a given polynomial
escrowNew :: MonadRandom randomly => Threshold -> randomly Escrow Source #
Prepare a new escrowing context
The only needed parameter is the threshold do not re-use an escrow context for different context.
createCommitments :: Escrow -> [Commitment] Source #
Create all the commitments
there is threshold commitments in the list
sharesCreate :: MonadRandom randomly => Escrow -> [Commitment] -> [PublicKey] -> randomly [EncryptedShare] Source #
Create all the encrypted share associated with specific public key
shareCreate :: MonadRandom randomly => Escrow -> [Commitment] -> ShareId -> PublicKey -> randomly EncryptedShare Source #
Create a specific share given a public key and the overall parameters
shareDecrypt :: MonadRandom randomly => KeyPair -> EncryptedShare -> randomly DecryptedShare Source #
Decrypt an Encrypted share using the party's key pair.
Doesn't verify if an encrypted share is valid, for this
you need to use verifyEncryptedShare
1) compute Si = Yi ^ (1/xi) = G^(p(i)) 2) create a proof of the valid decryption
:: ExtraGen | |
-> [Commitment] | |
-> (EncryptedShare, PublicKey) | the encrypted and the associated public key |
-> Bool |
Verify an encrypted share
anyone can do that given the extra generator and the commitments
verifyDecryptedShare :: (EncryptedShare, PublicKey, DecryptedShare) -> Bool Source #
Verify a decrypted share against the public key and the encrypted share
verifySecret :: ExtraGen -> [Commitment] -> Secret -> Proof -> Bool Source #
Verify that a secret recovered is the one escrow
getValidRecoveryShares :: Threshold -> [(EncryptedShare, PublicKey, DecryptedShare)] -> [DecryptedShare] Source #
Get #Threshold decrypted share that are deemed valid
recover :: [DecryptedShare] -> Secret Source #
Recover the DhSecret used
Need to pass the correct amount of shares (# threshold),
preferably from a getValidRecoveryShares
call
secretToDhSecret :: Secret -> DhSecret Source #
Transform a secret into a usable random value
temporary export to get testing
keyPairGenerate :: MonadRandom randomly => randomly KeyPair Source #